Period for Reply

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed
after SIX (6) MONTHS from the mailing date of this communication.

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication.

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133).

Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1) □ Responsive to communication(s) filed on ____.

2a) □ This action is FINAL. 2b) ☒ This action is non-final.

3) □ Since this application is in condition for allowance except for formal matters, prosecution as to the merits is
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims 

4) ☒ Claim(s) 7-27 is/are pending in the application.

4a) Of the above claim(s) ____ is/are withdrawn from consideration.

5) □ Claim(s) ____ is/are allowed.

6) ☒ Claim(s) 7-27 is/are rejected.

7) □ Claim(s) ____ is/are objected to.

8) □ Claim(s) ____ are subject to restriction and/or election requirement.

Application Papers 

9) □ The specification is objected to by the Examiner.

10) □ The drawing(s) filed on ____ is/are: a) □ accepted or b) □ objected to by the Examiner.

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).

11) □ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

a) □ All b) □ Some * c) □ None of:

1. □ Certified copies of the priority documents have been received.

2. □ Certified copies of the priority documents have been received in Application No. ____.

3. □ Copies of the certified copies of the priority documents have been received in this National Stage
application from the International Bureau (PCT Rule 17.2(a)).
* See the attached detailed Office action for a list of the certified copies not received. 
DETAILED ACTION
Minor Informalities 

1. The Applicant is required to submit a substitute specification, because the heading
in the specification that lists Related Applications (see pg. 2) does not include the related
applications' serial numbers and date of filing (see pg. 2 of spec). Correction is required.

Claim Rejections - 35 USC § 112 

2. The following is a quotation of the first paragraph of 35 U.S.C. 112:

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 

3. Claims 13-20 are rejected under 35 U.S.C. 112, first paragraph, as failing to comply with
the enablement requirement. The claim(s) contains subject matter which was not described in
the specification in such a way as to enable one skilled in the art to which it pertains, or with
which it is most nearly connected, to make and/or use the invention. The Applicant added new
claims, but the Examiner cannot find in the specification the claim limitations described.
Therefore, claims 13-20 are rejected under 112, 1st paragraph.

4. Also, Claims 8 and 21 are rejected under 112, 1st paragraph, for the limitations, "wherein the
applications detect a missing key, and check with the key repository for that key and, if the
missing key has been reissued, the applications receive a newly-issued key". The specification
discloses that upon approach of expiration, a new key can be issued (see pg. 9); the Applicant has not
disclosed or described the limitations of claims 8 and 21.



Application/Control Number: 09/736,717 
Art Unit: 2131 






Claim Rejections - 35 USC § 103

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 1-7, 9-10 are rejected under 35 U.S.C. 103(a) as being unpatentable over Van
Oorschot (6,317,829) in view of Eastlake.

7. As per claim 1, Van Oorschot discloses cryptographic keys used during operation of a
computer system (see col. 3, lines 20-24), providing an old set of cryptographic keys (see col. 6,
lines 21-32, col. 7, lines 3-14); including at least a first cryptographic key that protects an integrity of
secret information stored in a database (see col. 6, lines 33-47), and the second cryptographic key
protects access to the secret information stored in the database (see col. 4, lines 52-58, col. 7,
lines 30-41), checking with a key repository to determine if a certificate re-issuance is necessary,
meanwhile maintaining the availability of the old set of cryptographic keys (see col. 6, lines 22-32,
col. 7, lines 3-14); the new keys are stored in the database (see col. 4, lines 24-48, col. 7, lines
6-11), providing the new or revised keys to applications that need them when next requested by
such applications (see col. 3, lines 30-39, col. 6, lines 22-32). Van Oorschot discloses an
application, because the primary computing unit and the server communicated the key history
information via an internet link (see col. 5, lines 3-6); an application is inherent in Van Oorschot,
because Van Oorschot discloses communicating the key information to the primary computing
device via an Internet link, and this link has an application, such as a web browser. However, Van
Oorschot does not disclose key rollover. Eastlake does disclose key rollover.

8. It would have been obvious to one of ordinary skill in the art at the time of the invention
to combine Van Oorschot with Eastlake to include key rollover. One would have been motivated
to include the key rollover of Eastlake because, in order to obtain high levels of security, keys must
be periodically changed, or "rolled over" (see pg. 3 of Eastlake). Rollover is necessary because
the longer a private key is used, the more likely it is to be compromised due to cryptanalysis,
accident or treachery (see pg. 3 of Eastlake).

9. As per claim 2, Van Oorschot discloses a key repository utilizing one or more services of a
specialized application acting as an extension of the key repository (col. 3, lines 27-39, col. 6,
lines 22-32).

10. As per claim 3, Van Oorschot discloses that the key repository utilizes the one or more
services of the specialized application, authenticating authorization of the specialized application
to perform one or more services (see col. 3, lines 27-39, 51-67, col. 7, lines 30-53).

11. As per claim 4, Van Oorschot discloses a command such that when the key is about to
approach expiration, a new key is issued (see col. 6, lines 22-32). Van Oorschot does not disclose
invoking the command. Eastlake discloses invoking a key rollover. The motivation to include
invoking the key rollover, as a result of a command, is that the longer a private
key is used, the more likely it is to be compromised due to cryptanalysis, accident or
treachery (see pg. 3 of Eastlake).

12. As per claim 5, Van Oorschot discloses a periodic check which senses that the old set of
cryptographic keys are approaching expiration (see col. 4, lines 24-47, col. 6, lines 21-32).

13. As per claim 6, Van Oorschot discloses a result of sensing an expired key (see col. 4, lines
24-47, col. 6, lines 21-32).

14. As per claim 7, Van Oorschot discloses wherein the applications are notified of the
presence of new keys by the key repository process (see col. 8, lines 41-56).

15. As per claim 9, Van Oorschot discloses wherein the key repository process is prompted
by the applications to invoke the method as a result of the applications detecting a key
approaching expiration (see col. 6, lines 62-67, col. 7, lines 1-11).

16. As per claim 10, Van Oorschot discloses wherein the applications request the key
repository process to provide a new key as a result of applications detecting an expired key (see
col. 7, lines 1-14).

17. As per claim 11, Van Oorschot discloses a key repository configured to maintain at least
a first key and second key (see fig. 1, sheet 1), and a database coupled to the key repository (see
fig. 1, sheet 1), and storing secret information wherein the first key protects an integrity of the
secret information stored in the database (see col. 6, lines 33-49), and the second key protects
access to the secret information stored in the database (see col. 4, lines 52-58, col. 7, lines 30-41).

18. As per claim 12, Van Oorschot discloses at least one application that can access the key
repository, wherein the at least one application is preauthorized to access the second key and can
perform at least one function using the secret information without user intervention (see col. 5,
lines 64-67, col. 6, lines 1-7).

19. Claims 8 and 21 are rejected under 112, but are allowable for the feature of an
application detecting a missing key, and checking with the key repository for that key and, if the
missing key has been reissued, the applications receive a newly-issued key. The prior art of
digital certificates and revocations discloses that if a key is missing or lost, the key can be
recovered through various cryptographic techniques. The prior art does not disclose that, if a key
is missing, another key is reissued.

20. Claims 13-20 are rejected under 112, 1st paragraph, because the claimed limitations are not described
in the specification.

Response to Amendment 

21. The Applicant states that Van Oorschot does not disclose a first cryptographic key that
protects an integrity of secret information stored in a database and a second cryptographic key
that protects access to the secret information stored in the database. The Examiner disagrees
with the Applicant. Van Oorschot discloses that to help prevent unauthorized acquisition of the
secret decryption keys, the public repository unit includes a decryption private key encryptor for
protecting the sensitive private key data (see col. 6, lines 32-36). Van Oorschot also discloses the
public repository has access control protection, such as a password (see col. 4, lines 52-56, col. 7,
lines 30-41).

22. Claims 8 and 21 are rejected under 112, 1st paragraph (see rationale above).

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jenise E. Jackson whose telephone number is (571) 272-3791.
The examiner can normally be reached on M-Th (6:00 a.m. - 3:30 p.m.) alternate Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Shiekh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent
Application Information Retrieval (PAIR) system. Status information for published applications
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished
applications is available through Private PAIR only. For more information about the PAIR
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).